Dreamer

HackTheBox Certificate Writeup

This writeup covers exploiting a Zip-Slip vulnerability in a specific scenario, followed by a defender evasion using a SliverC2 implant. It includes extracting password hashes from MySQL databases, cracking them, pivoting between users, and finally abusing the SeImpersonatePrivilege to escalate privileges